XSS flaws expose weaknesses on Amazon and UK newspaper websites

XSS flaws expose weaknesses on Amazon and UK newspaper websites

Cross-site scripting (XSS) flaws are amongst the most commonly encountered security flaws found on websites, opening up opportunities for malicious hackers to hijack customer accounts, change users' settings and phish login credentials.

So how come websites keep falling foul of them?

Read more in my article on the Optimal Security blog.

Tags: , ,


Read more...
WikID

[SPONSOR] WiKID Two-factor Authentication without the hassle factor - Free for 5 users!

My sincere thanks to WiKID, who have sponsored my writing for the last week. Check out their two-factor authentication solution - which is free for five users. Thanks guys!

Here is how they describe their product:

The WiKID Strong Authentication System is a dual-source, on-premises two-factor authentication solution for enterprises. The WiKID server is simple to implement and maintain, highly reliable and supports all Enterprise-class remote access and privileged account solutions.

The WiKID server is available as a virtual appliance - no Linux experience necessary or as DEB/RPM packages.

(more…)


Read more...
Android users exposed to malware by installer hijacking vulnerability

Android users at risk of malware via installer hijacking vulnerability

Security researchers have warned about a widespread vulnerability in Android devices, that could see attackers sneakily modify or entirely replace seemingly benign apps with malware, without users becoming aware.

Read more in my article on the Optimal Security blog.

Tags: , ,


Read more...